Freedom Square of Seminole Email Breach Affects 3,473 Patients

Freedom Square of Seminole, a healthcare provider located at 7800 Liberty Lane, Seminole, Florida 33772, recently reported a significant data breach to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights. The incident, reported on July 11, 2025, compromised the protected health information (PHI) of 3,473 individuals through a hacking attack on the organization's email systems.

What Happened

Freedom Square of Seminole experienced a cybersecurity incident that originated from a hacking or IT incident targeting the organization's network infrastructure. The breach specifically involved the organization's email systems, which contained sensitive protected health information belonging to thousands of patients.

According to the breach notification, the incident has drawn the attention of Strauss Borrelli PLLC, a leading data breach law firm, which is investigating the potential data security incident. Interestingly, while the HHS report indicates 3,473 individuals were affected, the law firm's investigation suggests the cybersecurity incident may have impacted the privacy of sensitive personal information and protected health information belonging to over 5,800 individuals, indicating the scope of the breach may be larger than initially reported.

Who Is Affected

The breach affects patients who received services from Freedom Square of Seminole and whose protected health information was stored in the compromised email systems. Based on the HHS Office for Civil Rights report, 3,473 individuals have been confirmed as affected by this incident.

Patients who may have been impacted by this breach would typically include those who:

• Received healthcare services at Freedom Square of Seminole
• Had their medical records, treatment information, or personal details stored in the facility's email systems
• Communicated with the healthcare provider via email regarding their medical care
• Had their information shared through email communications between healthcare staff

Breach Details

The Freedom Square of Seminole breach falls under the category of "Hacking/IT Incident" as classified by HHS. Key details about the incident include:

Breach Classification: Hacking/IT Incident Location: Email systems Date Reported to HHS: July 11, 2025 Confirmed Affected Individuals: 3,473 Potentially Affected (per legal investigation): Over 5,800

The breach specifically targeted the organization's email infrastructure, which is a common attack vector for cybercriminals seeking to access healthcare data. Email systems often contain a wealth of sensitive information, including:

• Patient medical records and treatment histories
• Insurance information and billing details
• Personal identifying information (names, addresses, dates of birth)
• Social Security numbers
• Communication between healthcare providers about patient care

What This Means for Patients

For the 3,473 confirmed affected individuals, this breach represents a significant privacy violation that could have lasting consequences. When protected health information is compromised through email systems, patients face several potential risks:

Identity Theft Risk: If personal identifying information was accessed, affected individuals may be at risk for identity theft, fraudulent account creation, or financial fraud.

Medical Identity Theft: Criminals may use stolen health information to obtain medical services, prescription drugs, or submit fraudulent insurance claims in victims' names.

Privacy Violations: The unauthorized access to personal health information represents a fundamental violation of patient privacy rights protected under HIPAA.

Ongoing Monitoring Needs: Affected individuals may need to monitor their credit reports, insurance statements, and medical records for signs of fraudulent activity for years to come.

The discrepancy between the HHS-reported number (3,473) and the law firm's investigation (over 5,800) suggests that the full scope of the breach may still be under investigation, meaning additional individuals could be notified in the future.

How to Protect Yourself

If you are a patient of Freedom Square of Seminole or believe you may have been affected by this breach, take these important steps:

Monitor Your Accounts: Regularly check your bank accounts, credit card statements, and insurance explanations of benefits for any unauthorized activity.

Review Credit Reports: Obtain free credit reports from all three major credit bureaus and look for any accounts or inquiries you don't recognize.

Consider Credit Monitoring: Enroll in credit monitoring services that can alert you to changes in your credit profile.

Watch for Medical Identity Theft: Review insurance statements and medical bills carefully for services you didn't receive or providers you've never visited.

Stay Alert for Phishing: Be cautious of emails, phone calls, or texts claiming to be related to the breach, as criminals often use data breaches as opportunities for additional scams.

Contact the Provider: Reach out to Freedom Square of Seminole directly to confirm whether your information was affected and what steps they're taking to protect patients.

Prevention Lessons for Healthcare Providers

The Freedom Square of Seminole breach highlights critical security challenges that all healthcare providers must address to protect patient information:

Email Security: Healthcare organizations must implement robust email security measures, including encryption, multi-factor authentication, and advanced threat protection to prevent unauthorized access to email systems containing PHI.

Network Segmentation: Separating email systems from other network components can help limit the scope of breaches and prevent lateral movement by attackers.

Employee Training: Regular cybersecurity training helps staff recognize phishing attempts, social engineering tactics, and other common attack vectors that target email systems.

Incident Response Planning: Having a comprehensive incident response plan enables organizations to quickly detect, contain, and respond to security incidents, potentially limiting their impact.

Regular Security Assessments: Conducting periodic security assessments and penetration testing can help identify vulnerabilities before they're exploited by attackers.

HIPAA Compliance: Maintaining strict HIPAA compliance protocols, including proper access controls, audit logs, and data handling procedures, is essential for protecting patient information.

The investigation by Strauss Borrelli PLLC suggests that affected individuals may have legal options available to them, which underscores the serious financial and legal consequences that healthcare providers face when patient data is compromised.

As healthcare continues to digitize and rely more heavily on electronic communication systems, incidents like the Freedom Square of Seminole breach serve as important reminders of the ongoing cybersecurity challenges facing the healthcare industry. Providers must remain vigilant and invest in comprehensive security measures to protect the sensitive information entrusted to them by patients.

Protect your practice with AI-powered HIPAA compliance. Get started with HIPAA Agent.